search

sassoftware / viya4-monitoring-kubernetes

Provides simple scripts and customization options to deploy monitoring, alerts, and log aggregation for Viya 4 running on Kubernetes
Apache License 2.0
50 stars 31 forks source link

Alertendpoint #615

Closed gsmith-sas closed 2 weeks ago

github-actions[bot] commented 2 months ago

sh-checker report

To get the full details, please check in the job output.

shellcheck errors ``` 'shellcheck -e SC1004' returned error 1 finding the following syntactical issues: ---------- In monitoring/bin/deploy_monitoring_cluster.sh line 6: cd "$(dirname $BASH_SOURCE)/../.." ^----------^ SC2128 (warning): Expanding an array without an index only gives the first element. ^----------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: cd "$(dirname "$BASH_SOURCE")/../.." In monitoring/bin/deploy_monitoring_cluster.sh line 7: source monitoring/bin/common.sh ^----------------------^ SC1091 (info): Not following: monitoring/bin/common.sh was not specified as input (see shellcheck -x). In monitoring/bin/deploy_monitoring_cluster.sh line 8: source bin/service-url-include.sh ^------------------------^ SC1091 (info): Not following: bin/service-url-include.sh was not specified as input (see shellcheck -x). In monitoring/bin/deploy_monitoring_cluster.sh line 18: source bin/tls-include.sh ^----------------^ SC1091 (info): Not following: bin/tls-include.sh was not specified as input (see shellcheck -x). In monitoring/bin/deploy_monitoring_cluster.sh line 19: if verify_cert_generator $MON_NS prometheus alertmanager grafana; then ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: if verify_cert_generator "$MON_NS" prometheus alertmanager grafana; then In monitoring/bin/deploy_monitoring_cluster.sh line 20: log_debug "cert generator check OK [$cert_generator_ok]" ^----------------^ SC2154 (warning): cert_generator_ok is referenced but not assigned. In monitoring/bin/deploy_monitoring_cluster.sh line 22: log_error "One or more required TLS certs do not exist and the expected certificate generator mechanism [$cert_generator] is not available to create the missing certs" ^-------------^ SC2154 (warning): cert_generator is referenced but not assigned. In monitoring/bin/deploy_monitoring_cluster.sh line 26: helm2ReleaseCheck v4m-$MON_NS ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: helm2ReleaseCheck v4m-"$MON_NS" In monitoring/bin/deploy_monitoring_cluster.sh line 27: helm2ReleaseCheck prometheus-$MON_NS ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: helm2ReleaseCheck prometheus-"$MON_NS" In monitoring/bin/deploy_monitoring_cluster.sh line 43: if [ -z "$(kubectl get ns $MON_NS -o name 2>/dev/null)" ]; then ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: if [ -z "$(kubectl get ns "$MON_NS" -o name 2>/dev/null)" ]; then In monitoring/bin/deploy_monitoring_cluster.sh line 44: kubectl create ns $MON_NS ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl create ns "$MON_NS" In monitoring/bin/deploy_monitoring_cluster.sh line 47: disable_sa_token_automount $MON_NS default ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: disable_sa_token_automount "$MON_NS" default In monitoring/bin/deploy_monitoring_cluster.sh line 52: generateImageKeysFile "$ALERTMANAGER_FULL_IMAGE" "$imageKeysFile" "ALERTMANAGER_" ^------------^ SC2154 (warning): imageKeysFile is referenced but not assigned. In monitoring/bin/deploy_monitoring_cluster.sh line 100: if kubectl get crd $crd.monitoring.coreos.com 1>/dev/null 2>&1; then ^--^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: if kubectl get crd "$crd".monitoring.coreos.com 1>/dev/null 2>&1; then In monitoring/bin/deploy_monitoring_cluster.sh line 101: kubectl replace -f $crdURL ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl replace -f "$crdURL" In monitoring/bin/deploy_monitoring_cluster.sh line 103: kubectl create -f $crdURL ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl create -f "$crdURL" In monitoring/bin/deploy_monitoring_cluster.sh line 111: kubectl delete daemonset -n $MON_NS -l app=prometheus-node-exporter --ignore-not-found ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl delete daemonset -n "$MON_NS" -l app=prometheus-node-exporter --ignore-not-found In monitoring/bin/deploy_monitoring_cluster.sh line 129: create_tls_certs $MON_NS monitoring ${apps[@]} ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. ^--------^ SC2068 (error): Double quote array expansions to avoid re-splitting elements. Did you mean: create_tls_certs "$MON_NS" monitoring ${apps[@]} In monitoring/bin/deploy_monitoring_cluster.sh line 139: kubectl delete cm -n $MON_NS --ignore-not-found grafana-datasource-prom-https ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl delete cm -n "$MON_NS" --ignore-not-found grafana-datasource-prom-https In monitoring/bin/deploy_monitoring_cluster.sh line 140: kubectl create cm -n $MON_NS grafana-datasource-prom-https --from-file monitoring/tls/$grafanaDS ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl create cm -n "$MON_NS" grafana-datasource-prom-https --from-file monitoring/tls/$grafanaDS In monitoring/bin/deploy_monitoring_cluster.sh line 141: kubectl label cm -n $MON_NS grafana-datasource-prom-https grafana_datasource=1 sas.com/monitoring-base=kube-viya-monitoring ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl label cm -n "$MON_NS" grafana-datasource-prom-https grafana_datasource=1 sas.com/monitoring-base=kube-viya-monitoring In monitoring/bin/deploy_monitoring_cluster.sh line 145: kubectl delete cm -n $MON_NS node-exporter-tls-web-config --ignore-not-found ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl delete cm -n "$MON_NS" node-exporter-tls-web-config --ignore-not-found In monitoring/bin/deploy_monitoring_cluster.sh line 147: kubectl create cm -n $MON_NS node-exporter-tls-web-config --from-file monitoring/tls/node-exporter-web.yaml ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl create cm -n "$MON_NS" node-exporter-tls-web-config --from-file monitoring/tls/node-exporter-web.yaml In monitoring/bin/deploy_monitoring_cluster.sh line 148: kubectl label cm -n $MON_NS node-exporter-tls-web-config sas.com/monitoring-base=kube-viya-monitoring ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl label cm -n "$MON_NS" node-exporter-tls-web-config sas.com/monitoring-base=kube-viya-monitoring In monitoring/bin/deploy_monitoring_cluster.sh line 160: if helm3ReleaseExists prometheus-operator $MON_NS; then ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: if helm3ReleaseExists prometheus-operator "$MON_NS"; then In monitoring/bin/deploy_monitoring_cluster.sh line 169: if helm3ReleaseExists $promRelease $MON_NS; then ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: if helm3ReleaseExists $promRelease "$MON_NS"; then In monitoring/bin/deploy_monitoring_cluster.sh line 183: kubectl delete -n $MON_NS --ignore-not-found \ ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl delete -n "$MON_NS" --ignore-not-found \ In monitoring/bin/deploy_monitoring_cluster.sh line 202: chart2install="$(get_helmchart_reference $KUBE_PROM_STACK_CHART_REPO $KUBE_PROM_STACK_CHART_NAME $KUBE_PROM_STACK_CHART_VERSION)" ^-------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting. ^-------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting. ^----------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: chart2install="$(get_helmchart_reference "$KUBE_PROM_STACK_CHART_REPO" "$KUBE_PROM_STACK_CHART_NAME" "$KUBE_PROM_STACK_CHART_VERSION")" In monitoring/bin/deploy_monitoring_cluster.sh line 203: versionstring="$(get_helm_versionstring $KUBE_PROM_STACK_CHART_VERSION)" ^----------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: versionstring="$(get_helm_versionstring "$KUBE_PROM_STACK_CHART_VERSION")" In monitoring/bin/deploy_monitoring_cluster.sh line 206: helm $helmDebug upgrade --install $promRelease \ ^--------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: helm "$helmDebug" upgrade --install $promRelease \ In monitoring/bin/deploy_monitoring_cluster.sh line 207: --namespace $MON_NS \ ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: --namespace "$MON_NS" \ In monitoring/bin/deploy_monitoring_cluster.sh line 208: -f $imageKeysFile \ ^------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: -f "$imageKeysFile" \ In monitoring/bin/deploy_monitoring_cluster.sh line 210: -f $istioValuesFile \ ^--------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: -f "$istioValuesFile" \ In monitoring/bin/deploy_monitoring_cluster.sh line 211: -f $tlsValuesFile \ ^------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: -f "$tlsValuesFile" \ In monitoring/bin/deploy_monitoring_cluster.sh line 212: -f $tlsPromAlertingEndpointFile \ ^--------------------------^ SC2154 (warning): tlsPromAlertingEndpointFile is referenced but not assigned. ^--------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: -f "$tlsPromAlertingEndpointFile" \ In monitoring/bin/deploy_monitoring_cluster.sh line 213: -f $nodePortValuesFile \ ^-----------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: -f "$nodePortValuesFile" \ In monitoring/bin/deploy_monitoring_cluster.sh line 214: -f $wnpValuesFile \ ^------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: -f "$wnpValuesFile" \ In monitoring/bin/deploy_monitoring_cluster.sh line 215: -f $PROM_OPER_USER_YAML \ ^------------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: -f "$PROM_OPER_USER_YAML" \ In monitoring/bin/deploy_monitoring_cluster.sh line 216: -f $tempoDSFile \ ^----------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: -f "$tempoDSFile" \ In monitoring/bin/deploy_monitoring_cluster.sh line 227: $versionstring \ ^------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: "$versionstring" \ In monitoring/bin/deploy_monitoring_cluster.sh line 228: $chart2install ^------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: "$chart2install" In monitoring/bin/deploy_monitoring_cluster.sh line 233: disable_sa_token_automount $MON_NS v4m-grafana ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: disable_sa_token_automount "$MON_NS" v4m-grafana In monitoring/bin/deploy_monitoring_cluster.sh line 234: disable_sa_token_automount $MON_NS sas-ops-acct #Used w/Prometheus ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: disable_sa_token_automount "$MON_NS" sas-ops-acct #Used w/Prometheus In monitoring/bin/deploy_monitoring_cluster.sh line 235: disable_sa_token_automount $MON_NS v4m-node-exporter ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: disable_sa_token_automount "$MON_NS" v4m-node-exporter In monitoring/bin/deploy_monitoring_cluster.sh line 236: disable_sa_token_automount $MON_NS v4m-alertmanager ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: disable_sa_token_automount "$MON_NS" v4m-alertmanager In monitoring/bin/deploy_monitoring_cluster.sh line 239: disable_sa_token_automount $MON_NS v4m-kube-state-metrics ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: disable_sa_token_automount "$MON_NS" v4m-kube-state-metrics In monitoring/bin/deploy_monitoring_cluster.sh line 240: enable_pod_token_automount $MON_NS deployment v4m-kube-state-metrics ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: enable_pod_token_automount "$MON_NS" deployment v4m-kube-state-metrics In monitoring/bin/deploy_monitoring_cluster.sh line 241: disable_sa_token_automount $MON_NS v4m-operator ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: disable_sa_token_automount "$MON_NS" v4m-operator In monitoring/bin/deploy_monitoring_cluster.sh line 242: enable_pod_token_automount $MON_NS deployment v4m-operator ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: enable_pod_token_automount "$MON_NS" deployment v4m-operator In monitoring/bin/deploy_monitoring_cluster.sh line 259: chart2install="$(get_helmchart_reference $TEMPO_CHART_REPO $TEMPO_CHART_NAME $TEMPO_CHART_VERSION)" ^---------------^ SC2086 (info): Double quote to prevent globbing and word splitting. ^---------------^ SC2086 (info): Double quote to prevent globbing and word splitting. ^------------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: chart2install="$(get_helmchart_reference "$TEMPO_CHART_REPO" "$TEMPO_CHART_NAME" "$TEMPO_CHART_VERSION")" In monitoring/bin/deploy_monitoring_cluster.sh line 260: versionstring="$(get_helm_versionstring $TEMPO_CHART_VERSION)" ^------------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: versionstring="$(get_helm_versionstring "$TEMPO_CHART_VERSION")" In monitoring/bin/deploy_monitoring_cluster.sh line 266: -f $imageKeysFile \ ^------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: -f "$imageKeysFile" \ In monitoring/bin/deploy_monitoring_cluster.sh line 269: $versionstring \ ^------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: "$versionstring" \ In monitoring/bin/deploy_monitoring_cluster.sh line 270: $chart2install ^------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: "$chart2install" In monitoring/bin/deploy_monitoring_cluster.sh line 275: kubectl get ns $NGINX_NS 2>/dev/null ^-------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl get ns "$NGINX_NS" 2>/dev/null In monitoring/bin/deploy_monitoring_cluster.sh line 276: if [ $? == 0 ]; then ^-- SC2181 (style): Check exit code directly with e.g. 'if mycmd;', not indirectly with $?. In monitoring/bin/deploy_monitoring_cluster.sh line 283: kubectl apply -n $NGINX_NS -f monitoring/monitors/kube/podMonitor-nginx.yaml 2>/dev/null ^-------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl apply -n "$NGINX_NS" -f monitoring/monitors/kube/podMonitor-nginx.yaml 2>/dev/null In monitoring/bin/deploy_monitoring_cluster.sh line 287: kubectl apply -n $MON_NS -f monitoring/monitors/kube/podMonitor-eventrouter.yaml 2>/dev/null ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl apply -n "$MON_NS" -f monitoring/monitors/kube/podMonitor-eventrouter.yaml 2>/dev/null In monitoring/bin/deploy_monitoring_cluster.sh line 290: kubectl apply -n $MON_NS -f monitoring/monitors/logging/serviceMonitor-elasticsearch.yaml ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl apply -n "$MON_NS" -f monitoring/monitors/logging/serviceMonitor-elasticsearch.yaml In monitoring/bin/deploy_monitoring_cluster.sh line 293: kubectl apply -n $MON_NS -f monitoring/monitors/logging/serviceMonitor-fluent-bit.yaml ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl apply -n "$MON_NS" -f monitoring/monitors/logging/serviceMonitor-fluent-bit.yaml In monitoring/bin/deploy_monitoring_cluster.sh line 294: kubectl apply -n $MON_NS -f monitoring/monitors/logging/serviceMonitor-fluent-bit-v2.yaml ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl apply -n "$MON_NS" -f monitoring/monitors/logging/serviceMonitor-fluent-bit-v2.yaml In monitoring/bin/deploy_monitoring_cluster.sh line 299: kubectl apply -n $MON_NS -f $f ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. ^-- SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl apply -n "$MON_NS" -f "$f" In monitoring/bin/deploy_monitoring_cluster.sh line 328: gf_url=$(get_service_url $MON_NS v4m-grafana "$TLS_ENABLE") ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: gf_url=$(get_service_url "$MON_NS" v4m-grafana "$TLS_ENABLE") In monitoring/bin/deploy_monitoring_cluster.sh line 334: if helm3ReleaseExists v4m $MON_NS; then ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: if helm3ReleaseExists v4m "$MON_NS"; then In monitoring/bin/deploy_monitoring_cluster.sh line 346: if [ ! -z "$gf_url" ]; then ^-- SC2236 (style): Use -n instead of ! -z. For more information: https://www.shellcheck.net/wiki/SC2068 -- Double quote array expansions to ... https://www.shellcheck.net/wiki/SC2128 -- Expanding an array without an ind... https://www.shellcheck.net/wiki/SC2154 -- cert_generator is referenced but ... ---------- You can address the above issues in one of three ways: 1. Manually correct the issue in the offending shell script; 2. Disable specific issues by adding the comment: # shellcheck disable=NNNN above the line that contains the issue, where NNNN is the error code; 3. Add '-e NNNN' to the SHELLCHECK_OPTS setting in your .yml action file. ```
shfmt errors ``` 'shfmt -s' returned error 1 finding the following formatting issues: ---------- --- monitoring/bin/deploy_monitoring_cluster.sh.orig +++ monitoring/bin/deploy_monitoring_cluster.sh @@ -8,19 +8,19 @@ source bin/service-url-include.sh if [ "$OPENSHIFT_CLUSTER" == "true" ]; then - if [ "${CHECK_OPENSHIFT_CLUSTER:-true}" == "true" ]; then - log_error "This script should not be run on OpenShift clusters" - log_error "Run monitoring/bin/deploy_monitoring_openshift.sh instead" - exit 1 - fi + if [ "${CHECK_OPENSHIFT_CLUSTER:-true}" == "true" ]; then + log_error "This script should not be run on OpenShift clusters" + log_error "Run monitoring/bin/deploy_monitoring_openshift.sh instead" + exit 1 + fi fi source bin/tls-include.sh if verify_cert_generator $MON_NS prometheus alertmanager grafana; then - log_debug "cert generator check OK [$cert_generator_ok]" + log_debug "cert generator check OK [$cert_generator_ok]" else - log_error "One or more required TLS certs do not exist and the expected certificate generator mechanism [$cert_generator] is not available to create the missing certs" - exit 1 + log_error "One or more required TLS certs do not exist and the expected certificate generator mechanism [$cert_generator] is not available to create the missing certs" + exit 1 fi helm2ReleaseCheck v4m-$MON_NS @@ -32,33 +32,32 @@ PROM_OPER_USER_YAML="${PROM_OPER_USER_YAML:-$USER_DIR/monitoring/user-values-prom-operator.yaml}" if [ ! -f "$PROM_OPER_USER_YAML" ]; then - log_debug "[$PROM_OPER_USER_YAML] not found. Using $TMP_DIR/empty.yaml" - PROM_OPER_USER_YAML=$TMP_DIR/empty.yaml + log_debug "[$PROM_OPER_USER_YAML] not found. Using $TMP_DIR/empty.yaml" + PROM_OPER_USER_YAML=$TMP_DIR/empty.yaml fi if [ "$HELM_DEBUG" == "true" ]; then - helmDebug="--debug" + helmDebug="--debug" fi if [ -z "$(kubectl get ns $MON_NS -o name 2>/dev/null)" ]; then - kubectl create ns $MON_NS + kubectl create ns $MON_NS - #Container Security: Disable serviceAccount Token Automounting - disable_sa_token_automount $MON_NS default + #Container Security: Disable serviceAccount Token Automounting + disable_sa_token_automount $MON_NS default fi #Generate yaml file with all container-related keys -generateImageKeysFile "$PROMOP_FULL_IMAGE" "monitoring/prom-operator_container_image.template" -generateImageKeysFile "$ALERTMANAGER_FULL_IMAGE" "$imageKeysFile" "ALERTMANAGER_" -generateImageKeysFile "$ADMWEBHOOK_FULL_IMAGE" "$imageKeysFile" "ADMWEBHOOK_" -generateImageKeysFile "$KSM_FULL_IMAGE" "$imageKeysFile" "KSM_" -generateImageKeysFile "$NODEXPORT_FULL_IMAGE" "$imageKeysFile" "NODEXPORT_" -generateImageKeysFile "$PROMETHEUS_FULL_IMAGE" "$imageKeysFile" "PROMETHEUS_" -generateImageKeysFile "$CONFIGRELOAD_FULL_IMAGE" "$imageKeysFile" "CONFIGRELOAD_" -generateImageKeysFile "$GRAFANA_FULL_IMAGE" "$imageKeysFile" "GRAFANA_" -generateImageKeysFile "$GRAFANA_SIDECAR_FULL_IMAGE" "$imageKeysFile" "SIDECAR_" +generateImageKeysFile "$PROMOP_FULL_IMAGE" "monitoring/prom-operator_container_image.template" +generateImageKeysFile "$ALERTMANAGER_FULL_IMAGE" "$imageKeysFile" "ALERTMANAGER_" +generateImageKeysFile "$ADMWEBHOOK_FULL_IMAGE" "$imageKeysFile" "ADMWEBHOOK_" +generateImageKeysFile "$KSM_FULL_IMAGE" "$imageKeysFile" "KSM_" +generateImageKeysFile "$NODEXPORT_FULL_IMAGE" "$imageKeysFile" "NODEXPORT_" +generateImageKeysFile "$PROMETHEUS_FULL_IMAGE" "$imageKeysFile" "PROMETHEUS_" +generateImageKeysFile "$CONFIGRELOAD_FULL_IMAGE" "$imageKeysFile" "CONFIGRELOAD_" +generateImageKeysFile "$GRAFANA_FULL_IMAGE" "$imageKeysFile" "GRAFANA_" +generateImageKeysFile "$GRAFANA_SIDECAR_FULL_IMAGE" "$imageKeysFile" "SIDECAR_" - set -e log_notice "Deploying monitoring to the [$MON_NS] namespace..." @@ -68,43 +67,43 @@ istioValuesFile=$TMP_DIR/empty.yaml # Istio - Federate data from Istio's Prometheus instance if [ "$ISTIO_ENABLED" == "true" ]; then - log_verbose "Including Istio metric federation" - istioValuesFile=$TMP_DIR/values-prom-operator-tmp.yaml + log_verbose "Including Istio metric federation" + istioValuesFile=$TMP_DIR/values-prom-operator-tmp.yaml else - log_debug "ISTIO_ENABLED flag not set" - log_debug "Skipping deployment of federated scrape of Istio Prometheus instance" + log_debug "ISTIO_ENABLED flag not set" + log_debug "Skipping deployment of federated scrape of Istio Prometheus instance" fi # Check if Prometheus Operator CRDs are already installed PROM_OPERATOR_CRD_UPDATE=${PROM_OPERATOR_CRD_UPDATE:-true} if [ "$PROM_OPERATOR_CRD_UPDATE" == "true" ]; then - log_verbose "Updating Prometheus Operator custom resource definitions" - crds=( alertmanagerconfigs alertmanagers prometheuses prometheusrules podmonitors servicemonitors thanosrulers probes ) - for crd in "${crds[@]}"; do - - ## Determine CRD URL - if in an airgap environment, look for them in USER_DIR. - if [ "$AIRGAP_DEPLOYMENT" == "true" ]; then - crdURL=$USER_DIR/monitoring/prometheus-operator-crd/$PROM_OPERATOR_CRD_VERSION/monitoring.coreos.com_$crd.yaml + log_verbose "Updating Prometheus Operator custom resource definitions" + crds=(alertmanagerconfigs alertmanagers prometheuses prometheusrules podmonitors servicemonitors thanosrulers probes) + for crd in "${crds[@]}"; do - ## Fail if the CRDs could not be located. - if [ ! -f "$crdURL" ]; then - log_error "Unable to locate file: [monitoring.coreos.com_$crd.yaml] in" - log_error "[$USER_DIR/monitoring/prometheus-operator-crd/$PROM_OPERATOR_CRD_VERSION] directory" - log_error "Please make sure to provide all Prometheus Operator CRDs before running the deployment" - exit 1 - fi - else - crdURL="https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/$PROM_OPERATOR_CRD_VERSION/example/prometheus-operator-crd/monitoring.coreos.com_$crd.yaml" - fi + ## Determine CRD URL - if in an airgap environment, look for them in USER_DIR. + if [ "$AIRGAP_DEPLOYMENT" == "true" ]; then + crdURL=$USER_DIR/monitoring/prometheus-operator-crd/$PROM_OPERATOR_CRD_VERSION/monitoring.coreos.com_$crd.yaml - if kubectl get crd $crd.monitoring.coreos.com 1>/dev/null 2>&1; then - kubectl replace -f $crdURL - else - kubectl create -f $crdURL - fi - done + ## Fail if the CRDs could not be located. + if [ ! -f "$crdURL" ]; then + log_error "Unable to locate file: [monitoring.coreos.com_$crd.yaml] in" + log_error "[$USER_DIR/monitoring/prometheus-operator-crd/$PROM_OPERATOR_CRD_VERSION] directory" + log_error "Please make sure to provide all Prometheus Operator CRDs before running the deployment" + exit 1 + fi + else + crdURL="https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/$PROM_OPERATOR_CRD_VERSION/example/prometheus-operator-crd/monitoring.coreos.com_$crd.yaml" + fi + + if kubectl get crd $crd.monitoring.coreos.com 1>/dev/null 2>&1; then + kubectl replace -f $crdURL + else + kubectl create -f $crdURL + fi + done else - log_debug "Prometheus Operator CRD update disabled" + log_debug "Prometheus Operator CRD update disabled" fi # Remove existing DaemonSets in case of an upgrade-in-place @@ -113,11 +112,11 @@ # Optional workload node placement support MON_NODE_PLACEMENT_ENABLE=${MON_NODE_PLACEMENT_ENABLE:-${NODE_PLACEMENT_ENABLE:-false}} if [ "$MON_NODE_PLACEMENT_ENABLE" == "true" ]; then - log_verbose "Enabling monitoring components for workload node placement" - wnpValuesFile="monitoring/node-placement/values-prom-operator-wnp.yaml" + log_verbose "Enabling monitoring components for workload node placement" + wnpValuesFile="monitoring/node-placement/values-prom-operator-wnp.yaml" else - log_debug "Workload node placement support is disabled" - wnpValuesFile="$TMP_DIR/empty.yaml" + log_debug "Workload node placement support is disabled" + wnpValuesFile="$TMP_DIR/empty.yaml" fi # Optional TLS Support @@ -125,113 +124,113 @@ serviceMonitorEndpointScheme="http" if [ "$TLS_ENABLE" == "true" ]; then - apps=( prometheus alertmanager grafana ) - create_tls_certs $MON_NS monitoring ${apps[@]} + apps=(prometheus alertmanager grafana) + create_tls_certs $MON_NS monitoring ${apps[@]} - tlsValuesFile=monitoring/tls/values-prom-operator-tls.yaml - log_debug "Including TLS response file $tlsValuesFile" + tlsValuesFile=monitoring/tls/values-prom-operator-tls.yaml + log_debug "Including TLS response file $tlsValuesFile" - log_verbose "Provisioning TLS-enabled Prometheus datasource for Grafana" - grafanaDS=grafana-datasource-prom-https.yaml - if [ "$MON_TLS_PATH_INGRESS" == "true" ]; then - grafanaDS=grafana-datasource-prom-https-path.yaml - fi - kubectl delete cm -n $MON_NS --ignore-not-found grafana-datasource-prom-https - kubectl create cm -n $MON_NS grafana-datasource-prom-https --from-file monitoring/tls/$grafanaDS - kubectl label cm -n $MON_NS grafana-datasource-prom-https grafana_datasource=1 sas.com/monitoring-base=kube-viya-monitoring + log_verbose "Provisioning TLS-enabled Prometheus datasource for Grafana" + grafanaDS=grafana-datasource-prom-https.yaml + if [ "$MON_TLS_PATH_INGRESS" == "true" ]; then + grafanaDS=grafana-datasource-prom-https-path.yaml + fi + kubectl delete cm -n $MON_NS --ignore-not-found grafana-datasource-prom-https + kubectl create cm -n $MON_NS grafana-datasource-prom-https --from-file monitoring/tls/$grafanaDS + kubectl label cm -n $MON_NS grafana-datasource-prom-https grafana_datasource=1 sas.com/monitoring-base=kube-viya-monitoring - # node-exporter TLS - log_verbose "Enabling Prometheus node-exporter for TLS" - kubectl delete cm -n $MON_NS node-exporter-tls-web-config --ignore-not-found - sleep 1 - kubectl create cm -n $MON_NS node-exporter-tls-web-config --from-file monitoring/tls/node-exporter-web.yaml - kubectl label cm -n $MON_NS node-exporter-tls-web-config sas.com/monitoring-base=kube-viya-monitoring + # node-exporter TLS + log_verbose "Enabling Prometheus node-exporter for TLS" + kubectl delete cm -n $MON_NS node-exporter-tls-web-config --ignore-not-found + sleep 1 + kubectl create cm -n $MON_NS node-exporter-tls-web-config --from-file monitoring/tls/node-exporter-web.yaml + kubectl label cm -n $MON_NS node-exporter-tls-web-config sas.com/monitoring-base=kube-viya-monitoring - serviceMonitorEndpointScheme="https" + serviceMonitorEndpointScheme="https" fi nodePortValuesFile=$TMP_DIR/empty.yaml PROM_NODEPORT_ENABLE=${PROM_NODEPORT_ENABLE:-false} if [ "$PROM_NODEPORT_ENABLE" == "true" ]; then - log_debug "Enabling NodePort access for Prometheus and Alertmanager" - nodePortValuesFile=monitoring/values-prom-nodeport.yaml + log_debug "Enabling NodePort access for Prometheus and Alertmanager" + nodePortValuesFile=monitoring/values-prom-nodeport.yaml fi if helm3ReleaseExists prometheus-operator $MON_NS; then - promRelease=prometheus-operator - promName=prometheus-operator + promRelease=prometheus-operator + promName=prometheus-operator else - promRelease=v4m-prometheus-operator - promName=v4m + promRelease=v4m-prometheus-operator + promName=v4m fi log_verbose "User response file: [$PROM_OPER_USER_YAML]" log_info "Deploying the kube-prometheus stack. This may take a few minutes ..." if helm3ReleaseExists $promRelease $MON_NS; then - log_verbose "Upgrading via Helm ($(date) - timeout 20m)" + log_verbose "Upgrading via Helm ($(date) - timeout 20m)" else - grafanaPwd="$GRAFANA_ADMIN_PASSWORD" - if [ "$grafanaPwd" == "" ]; then - log_debug "Generating random Grafana admin password" - showPass="true" - grafanaPwd="$(randomPassword)" - fi - log_verbose "Installing via Helm ($(date) - timeout 20m)" + grafanaPwd="$GRAFANA_ADMIN_PASSWORD" + if [ "$grafanaPwd" == "" ]; then + log_debug "Generating random Grafana admin password" + showPass="true" + grafanaPwd="$(randomPassword)" + fi + log_verbose "Installing via Helm ($(date) - timeout 20m)" fi # See https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack#from-21x-to-22x -if [ "$V4M_CURRENT_VERSION_MAJOR" == "1" ] && [[ "$V4M_CURRENT_VERSION_MINOR" =~ [0-5] ]]; then - kubectl delete -n $MON_NS --ignore-not-found \ - deployments.apps \ - -l app.kubernetes.io/instance=v4m-prometheus-operator,app.kubernetes.io/name=kube-state-metrics +if [ "$V4M_CURRENT_VERSION_MAJOR" == "1" ] && [[ $V4M_CURRENT_VERSION_MINOR =~ [0-5] ]]; then + kubectl delete -n $MON_NS --ignore-not-found \ + deployments.apps \ + -l app.kubernetes.io/instance=v4m-prometheus-operator,app.kubernetes.io/name=kube-state-metrics fi TRACING_ENABLE="${TRACING_ENABLE:-false}" if [ "$TRACING_ENABLE" == "false" ]; then - tempoDSFile=$TMP_DIR/empty.yaml + tempoDSFile=$TMP_DIR/empty.yaml else - TEMPO_USER_YAML="${TEMPO_USER_YAML:-$USER_DIR/monitoring/user-values-tempo.yaml}" - if [ ! -f "$TEMPO_USER_YAML" ]; then - log_debug "[$TEMPO_USER_YAML] not found. Using $TMP_DIR/empty.yaml" - TEMPO_USER_YAML=$TMP_DIR/empty.yaml - fi - tempoDSFile="monitoring/grafana-datasource-tempo.yaml" -fi + TEMPO_USER_YAML="${TEMPO_USER_YAML:-$USER_DIR/monitoring/user-values-tempo.yaml}" + if [ ! -f "$TEMPO_USER_YAML" ]; then + log_debug "[$TEMPO_USER_YAML] not found. Using $TMP_DIR/empty.yaml" + TEMPO_USER_YAML=$TMP_DIR/empty.yaml + fi + tempoDSFile="monitoring/grafana-datasource-tempo.yaml" +fi # Get Helm Chart Name log_debug "Kube-Prometheus Stack Helm Chart: repo [$KUBE_PROM_STACK_CHART_REPO] name [$KUBE_PROM_STACK_CHART_NAME] version [$KUBE_PROM_STACK_CHART_VERSION]" chart2install="$(get_helmchart_reference $KUBE_PROM_STACK_CHART_REPO $KUBE_PROM_STACK_CHART_NAME $KUBE_PROM_STACK_CHART_VERSION)" -versionstring="$(get_helm_versionstring $KUBE_PROM_STACK_CHART_VERSION)" +versionstring="$(get_helm_versionstring $KUBE_PROM_STACK_CHART_VERSION)" log_debug "Installing Helm chart from artifact [$chart2install]" helm $helmDebug upgrade --install $promRelease \ - --namespace $MON_NS \ - -f $imageKeysFile \ - -f monitoring/values-prom-operator.yaml \ - -f $istioValuesFile \ - -f $tlsValuesFile \ - -f $tlsPromAlertingEndpointFile \ - -f $nodePortValuesFile \ - -f $wnpValuesFile \ - -f $PROM_OPER_USER_YAML \ - -f $tempoDSFile \ - --atomic \ - --timeout 20m \ - --set nameOverride=$promName \ - --set fullnameOverride=$promName \ - --set prometheus-node-exporter.fullnameOverride=$promName-node-exporter \ - --set kube-state-metrics.fullnameOverride=$promName-kube-state-metrics \ - --set grafana.fullnameOverride=$promName-grafana \ - --set grafana.adminPassword="$grafanaPwd" \ - --set grafana.serviceMonitor.scheme="$serviceMonitorEndpointScheme" \ - --set prometheus.prometheusSpec.alertingEndpoints[0].namespace="$MON_NS" \ - $versionstring \ - $chart2install + --namespace $MON_NS \ + -f $imageKeysFile \ + -f monitoring/values-prom-operator.yaml \ + -f $istioValuesFile \ + -f $tlsValuesFile \ + -f $tlsPromAlertingEndpointFile \ + -f $nodePortValuesFile \ + -f $wnpValuesFile \ + -f $PROM_OPER_USER_YAML \ + -f $tempoDSFile \ + --atomic \ + --timeout 20m \ + --set nameOverride=$promName \ + --set fullnameOverride=$promName \ + --set prometheus-node-exporter.fullnameOverride=$promName-node-exporter \ + --set kube-state-metrics.fullnameOverride=$promName-kube-state-metrics \ + --set grafana.fullnameOverride=$promName-grafana \ + --set grafana.adminPassword="$grafanaPwd" \ + --set grafana.serviceMonitor.scheme="$serviceMonitorEndpointScheme" \ + --set prometheus.prometheusSpec.alertingEndpoints[0].namespace="$MON_NS" \ + $versionstring \ + $chart2install sleep 2 #Container Security: Disable serviceAccount Token Automounting disable_sa_token_automount $MON_NS v4m-grafana -disable_sa_token_automount $MON_NS sas-ops-acct #Used w/Prometheus +disable_sa_token_automount $MON_NS sas-ops-acct #Used w/Prometheus disable_sa_token_automount $MON_NS v4m-node-exporter disable_sa_token_automount $MON_NS v4m-alertmanager @@ -245,42 +244,42 @@ log_verbose "Deploying cluster ServiceMonitors" if [ "$TRACING_ENABLE" == "true" ]; then - log_info "Tracing enabled..." + log_info "Tracing enabled..." - #Generate yaml file with all container-related keys - generateImageKeysFile "$TEMPO_FULL_IMAGE" "monitoring/tempo_container_image.template" + #Generate yaml file with all container-related keys + generateImageKeysFile "$TEMPO_FULL_IMAGE" "monitoring/tempo_container_image.template" - # Add the grafana helm chart repo - helmRepoAdd grafana https://grafana.github.io/helm-charts - helm repo update + # Add the grafana helm chart repo + helmRepoAdd grafana https://grafana.github.io/helm-charts + helm repo update - # Get Helm Chart Name - log_debug "Tempo Helm Chart: repo [$TEMPO_CHART_REPO] name [$TEMPO_CHART_NAME] version [$TEMPO_CHART_VERSION]" - chart2install="$(get_helmchart_reference $TEMPO_CHART_REPO $TEMPO_CHART_NAME $TEMPO_CHART_VERSION)" - versionstring="$(get_helm_versionstring $TEMPO_CHART_VERSION)" - log_debug "Installing Helm chart from artifact [$chart2install]" + # Get Helm Chart Name + log_debug "Tempo Helm Chart: repo [$TEMPO_CHART_REPO] name [$TEMPO_CHART_NAME] version [$TEMPO_CHART_VERSION]" + chart2install="$(get_helmchart_reference $TEMPO_CHART_REPO $TEMPO_CHART_NAME $TEMPO_CHART_VERSION)" + versionstring="$(get_helm_versionstring $TEMPO_CHART_VERSION)" + log_debug "Installing Helm chart from artifact [$chart2install]" - log_info "Installing tempo" - helm upgrade --install v4m-tempo \ - -n "$MON_NS" \ - -f $imageKeysFile \ - -f monitoring/values-tempo.yaml \ - -f "$TEMPO_USER_YAML" \ - $versionstring \ - $chart2install + log_info "Installing tempo" + helm upgrade --install v4m-tempo \ + -n "$MON_NS" \ + -f $imageKeysFile \ + -f monitoring/values-tempo.yaml \ + -f "$TEMPO_USER_YAML" \ + $versionstring \ + $chart2install fi # NGINX set +e kubectl get ns $NGINX_NS 2>/dev/null if [ $? == 0 ]; then - nginxFound=true + nginxFound=true fi set -e if [ "$nginxFound" == "true" ]; then - log_verbose "NGINX found. Deploying podMonitor to [$NGINX_NS] namespace" - kubectl apply -n $NGINX_NS -f monitoring/monitors/kube/podMonitor-nginx.yaml 2>/dev/null + log_verbose "NGINX found. Deploying podMonitor to [$NGINX_NS] namespace" + kubectl apply -n $NGINX_NS -f monitoring/monitors/kube/podMonitor-nginx.yaml 2>/dev/null fi # Eventrouter ServiceMonitor @@ -296,25 +295,25 @@ # Rules log_verbose "Adding Prometheus recording rules" for f in monitoring/rules/viya/rules-*.yaml; do - kubectl apply -n $MON_NS -f $f + kubectl apply -n $MON_NS -f $f done # Elasticsearch Datasource for Grafana LOGGING_DATASOURCE="${LOGGING_DATASOURCE:-false}" if [ "$LOGGING_DATASOURCE" == "true" ]; then - set +e - log_debug "Creating the logging data source using the create_logging_datasource script" - monitoring/bin/create_logging_datasource.sh + set +e + log_debug "Creating the logging data source using the create_logging_datasource script" + monitoring/bin/create_logging_datasource.sh - if (( $? == 1 )); then - log_warn "Unable to configure the logging data source at this time." - log_warn "Please address the errors and re-run the follow command to create the data source at a later time:" - log_warn "monitoring/bin/create_logging_datasource.sh" - fi - set -e + if (($? == 1)); then + log_warn "Unable to configure the logging data source at this time." + log_warn "Please address the errors and re-run the follow command to create the data source at a later time:" + log_warn "monitoring/bin/create_logging_datasource.sh" + fi + set -e else - log_debug "LOGGING_DATASOURCE not set" - log_debug "Skipping creation of logging data source for Grafana" + log_debug "LOGGING_DATASOURCE not set" + log_debug "Skipping creation of logging data source for Grafana" fi echo "" @@ -325,32 +324,32 @@ get_ingress_ports # get URLs for Grafana, Prometheus and AlertManager -gf_url=$(get_service_url $MON_NS v4m-grafana "$TLS_ENABLE") +gf_url=$(get_service_url $MON_NS v4m-grafana "$TLS_ENABLE") # pr_url=$(get_url $MON_NS v4m-prometheus "$TLS_ENABLE") # am_url=$(get_url $MON_NS v4m-alertmanager "$TLS_ENABLE") set -e # If a deployment with the old name exists, remove it first if helm3ReleaseExists v4m $MON_NS; then - log_verbose "Removing outdated SAS Viya Monitoring Helm chart release from [$MON_NS] namespace" - helm uninstall -n "$MON_NS" "v4m" + log_verbose "Removing outdated SAS Viya Monitoring Helm chart release from [$MON_NS] namespace" + helm uninstall -n "$MON_NS" "v4m" fi if ! deployV4MInfo "$MON_NS" "v4m-metrics"; then - log_warn "Unable to update SAS Viya Monitoring Helm chart release" + log_warn "Unable to update SAS Viya Monitoring Helm chart release" fi # Print URL to access web apps log_notice "" log_notice "GRAFANA: " if [ ! -z "$gf_url" ]; then - log_notice " $gf_url" + log_notice " $gf_url" else - log_notice " It was not possible to determine the URL needed to access Grafana. Note " - log_notice " that this is not necessarily a sign of a problem; it may only reflect an " - log_notice " ingress or network access configuration that this script does not handle." + log_notice " It was not possible to determine the URL needed to access Grafana. Note " + log_notice " that this is not necessarily a sign of a problem; it may only reflect an " + log_notice " ingress or network access configuration that this script does not handle." fi - log_notice "" +log_notice "" #log_notice "" #log_notice "================================================================================" @@ -373,14 +372,12 @@ #log_notice "" if [ "$showPass" == "true" ]; then - # Find the grafana pod - - log_notice " Generated Grafana admin password is: $grafanaPwd" - log_notice " To change the password, run the following script (replace myNewPassword with an updated password):" - log_notice " monitoring/bin/change_grafana_admin_password.sh -p myNewPassword" + # Find the grafana pod + + log_notice " Generated Grafana admin password is: $grafanaPwd" + log_notice " To change the password, run the following script (replace myNewPassword with an updated password):" + log_notice " monitoring/bin/change_grafana_admin_password.sh -p myNewPassword" fi log_message "" log_notice " Successfully deployed components to the [$MON_NS] namespace" - - ---------- You can reformat the above files to meet shfmt's requirements by typing: shfmt -s -w filename ```
github-actions[bot] commented 2 months ago

sh-checker report

To get the full details, please check in the job output.

shellcheck errors ``` 'shellcheck -e SC1004' returned error 1 finding the following syntactical issues: ---------- In monitoring/bin/deploy_monitoring_cluster.sh line 6: cd "$(dirname $BASH_SOURCE)/../.." ^----------^ SC2128 (warning): Expanding an array without an index only gives the first element. ^----------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: cd "$(dirname "$BASH_SOURCE")/../.." In monitoring/bin/deploy_monitoring_cluster.sh line 7: source monitoring/bin/common.sh ^----------------------^ SC1091 (info): Not following: monitoring/bin/common.sh was not specified as input (see shellcheck -x). In monitoring/bin/deploy_monitoring_cluster.sh line 8: source bin/service-url-include.sh ^------------------------^ SC1091 (info): Not following: bin/service-url-include.sh was not specified as input (see shellcheck -x). In monitoring/bin/deploy_monitoring_cluster.sh line 18: source bin/tls-include.sh ^----------------^ SC1091 (info): Not following: bin/tls-include.sh was not specified as input (see shellcheck -x). In monitoring/bin/deploy_monitoring_cluster.sh line 19: if verify_cert_generator $MON_NS prometheus alertmanager grafana; then ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: if verify_cert_generator "$MON_NS" prometheus alertmanager grafana; then In monitoring/bin/deploy_monitoring_cluster.sh line 20: log_debug "cert generator check OK [$cert_generator_ok]" ^----------------^ SC2154 (warning): cert_generator_ok is referenced but not assigned. In monitoring/bin/deploy_monitoring_cluster.sh line 22: log_error "One or more required TLS certs do not exist and the expected certificate generator mechanism [$cert_generator] is not available to create the missing certs" ^-------------^ SC2154 (warning): cert_generator is referenced but not assigned. In monitoring/bin/deploy_monitoring_cluster.sh line 26: helm2ReleaseCheck v4m-$MON_NS ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: helm2ReleaseCheck v4m-"$MON_NS" In monitoring/bin/deploy_monitoring_cluster.sh line 27: helm2ReleaseCheck prometheus-$MON_NS ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: helm2ReleaseCheck prometheus-"$MON_NS" In monitoring/bin/deploy_monitoring_cluster.sh line 43: if [ -z "$(kubectl get ns $MON_NS -o name 2>/dev/null)" ]; then ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: if [ -z "$(kubectl get ns "$MON_NS" -o name 2>/dev/null)" ]; then In monitoring/bin/deploy_monitoring_cluster.sh line 44: kubectl create ns $MON_NS ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl create ns "$MON_NS" In monitoring/bin/deploy_monitoring_cluster.sh line 47: disable_sa_token_automount $MON_NS default ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: disable_sa_token_automount "$MON_NS" default In monitoring/bin/deploy_monitoring_cluster.sh line 52: generateImageKeysFile "$ALERTMANAGER_FULL_IMAGE" "$imageKeysFile" "ALERTMANAGER_" ^------------^ SC2154 (warning): imageKeysFile is referenced but not assigned. In monitoring/bin/deploy_monitoring_cluster.sh line 100: if kubectl get crd $crd.monitoring.coreos.com 1>/dev/null 2>&1; then ^--^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: if kubectl get crd "$crd".monitoring.coreos.com 1>/dev/null 2>&1; then In monitoring/bin/deploy_monitoring_cluster.sh line 101: kubectl replace -f $crdURL ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl replace -f "$crdURL" In monitoring/bin/deploy_monitoring_cluster.sh line 103: kubectl create -f $crdURL ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl create -f "$crdURL" In monitoring/bin/deploy_monitoring_cluster.sh line 111: kubectl delete daemonset -n $MON_NS -l app=prometheus-node-exporter --ignore-not-found ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl delete daemonset -n "$MON_NS" -l app=prometheus-node-exporter --ignore-not-found In monitoring/bin/deploy_monitoring_cluster.sh line 129: create_tls_certs $MON_NS monitoring ${apps[@]} ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. ^--------^ SC2068 (error): Double quote array expansions to avoid re-splitting elements. Did you mean: create_tls_certs "$MON_NS" monitoring ${apps[@]} In monitoring/bin/deploy_monitoring_cluster.sh line 139: kubectl delete cm -n $MON_NS --ignore-not-found grafana-datasource-prom-https ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl delete cm -n "$MON_NS" --ignore-not-found grafana-datasource-prom-https In monitoring/bin/deploy_monitoring_cluster.sh line 140: kubectl create cm -n $MON_NS grafana-datasource-prom-https --from-file monitoring/tls/$grafanaDS ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl create cm -n "$MON_NS" grafana-datasource-prom-https --from-file monitoring/tls/$grafanaDS In monitoring/bin/deploy_monitoring_cluster.sh line 141: kubectl label cm -n $MON_NS grafana-datasource-prom-https grafana_datasource=1 sas.com/monitoring-base=kube-viya-monitoring ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl label cm -n "$MON_NS" grafana-datasource-prom-https grafana_datasource=1 sas.com/monitoring-base=kube-viya-monitoring In monitoring/bin/deploy_monitoring_cluster.sh line 145: kubectl delete cm -n $MON_NS node-exporter-tls-web-config --ignore-not-found ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl delete cm -n "$MON_NS" node-exporter-tls-web-config --ignore-not-found In monitoring/bin/deploy_monitoring_cluster.sh line 147: kubectl create cm -n $MON_NS node-exporter-tls-web-config --from-file monitoring/tls/node-exporter-web.yaml ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl create cm -n "$MON_NS" node-exporter-tls-web-config --from-file monitoring/tls/node-exporter-web.yaml In monitoring/bin/deploy_monitoring_cluster.sh line 148: kubectl label cm -n $MON_NS node-exporter-tls-web-config sas.com/monitoring-base=kube-viya-monitoring ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl label cm -n "$MON_NS" node-exporter-tls-web-config sas.com/monitoring-base=kube-viya-monitoring In monitoring/bin/deploy_monitoring_cluster.sh line 160: if helm3ReleaseExists prometheus-operator $MON_NS; then ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: if helm3ReleaseExists prometheus-operator "$MON_NS"; then In monitoring/bin/deploy_monitoring_cluster.sh line 169: if helm3ReleaseExists $promRelease $MON_NS; then ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: if helm3ReleaseExists $promRelease "$MON_NS"; then In monitoring/bin/deploy_monitoring_cluster.sh line 183: kubectl delete -n $MON_NS --ignore-not-found \ ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl delete -n "$MON_NS" --ignore-not-found \ In monitoring/bin/deploy_monitoring_cluster.sh line 202: chart2install="$(get_helmchart_reference $KUBE_PROM_STACK_CHART_REPO $KUBE_PROM_STACK_CHART_NAME $KUBE_PROM_STACK_CHART_VERSION)" ^-------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting. ^-------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting. ^----------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: chart2install="$(get_helmchart_reference "$KUBE_PROM_STACK_CHART_REPO" "$KUBE_PROM_STACK_CHART_NAME" "$KUBE_PROM_STACK_CHART_VERSION")" In monitoring/bin/deploy_monitoring_cluster.sh line 203: versionstring="$(get_helm_versionstring $KUBE_PROM_STACK_CHART_VERSION)" ^----------------------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: versionstring="$(get_helm_versionstring "$KUBE_PROM_STACK_CHART_VERSION")" In monitoring/bin/deploy_monitoring_cluster.sh line 206: helm $helmDebug upgrade --install $promRelease \ ^--------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: helm "$helmDebug" upgrade --install $promRelease \ In monitoring/bin/deploy_monitoring_cluster.sh line 207: --namespace $MON_NS \ ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: --namespace "$MON_NS" \ In monitoring/bin/deploy_monitoring_cluster.sh line 208: -f $imageKeysFile \ ^------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: -f "$imageKeysFile" \ In monitoring/bin/deploy_monitoring_cluster.sh line 210: -f $istioValuesFile \ ^--------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: -f "$istioValuesFile" \ In monitoring/bin/deploy_monitoring_cluster.sh line 211: -f $tlsValuesFile \ ^------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: -f "$tlsValuesFile" \ In monitoring/bin/deploy_monitoring_cluster.sh line 212: -f $nodePortValuesFile \ ^-----------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: -f "$nodePortValuesFile" \ In monitoring/bin/deploy_monitoring_cluster.sh line 213: -f $wnpValuesFile \ ^------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: -f "$wnpValuesFile" \ In monitoring/bin/deploy_monitoring_cluster.sh line 214: -f $PROM_OPER_USER_YAML \ ^------------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: -f "$PROM_OPER_USER_YAML" \ In monitoring/bin/deploy_monitoring_cluster.sh line 215: -f $tempoDSFile \ ^----------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: -f "$tempoDSFile" \ In monitoring/bin/deploy_monitoring_cluster.sh line 226: $versionstring \ ^------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: "$versionstring" \ In monitoring/bin/deploy_monitoring_cluster.sh line 227: $chart2install ^------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: "$chart2install" In monitoring/bin/deploy_monitoring_cluster.sh line 232: disable_sa_token_automount $MON_NS v4m-grafana ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: disable_sa_token_automount "$MON_NS" v4m-grafana In monitoring/bin/deploy_monitoring_cluster.sh line 233: disable_sa_token_automount $MON_NS sas-ops-acct #Used w/Prometheus ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: disable_sa_token_automount "$MON_NS" sas-ops-acct #Used w/Prometheus In monitoring/bin/deploy_monitoring_cluster.sh line 234: disable_sa_token_automount $MON_NS v4m-node-exporter ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: disable_sa_token_automount "$MON_NS" v4m-node-exporter In monitoring/bin/deploy_monitoring_cluster.sh line 235: disable_sa_token_automount $MON_NS v4m-alertmanager ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: disable_sa_token_automount "$MON_NS" v4m-alertmanager In monitoring/bin/deploy_monitoring_cluster.sh line 238: disable_sa_token_automount $MON_NS v4m-kube-state-metrics ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: disable_sa_token_automount "$MON_NS" v4m-kube-state-metrics In monitoring/bin/deploy_monitoring_cluster.sh line 239: enable_pod_token_automount $MON_NS deployment v4m-kube-state-metrics ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: enable_pod_token_automount "$MON_NS" deployment v4m-kube-state-metrics In monitoring/bin/deploy_monitoring_cluster.sh line 240: disable_sa_token_automount $MON_NS v4m-operator ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: disable_sa_token_automount "$MON_NS" v4m-operator In monitoring/bin/deploy_monitoring_cluster.sh line 241: enable_pod_token_automount $MON_NS deployment v4m-operator ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: enable_pod_token_automount "$MON_NS" deployment v4m-operator In monitoring/bin/deploy_monitoring_cluster.sh line 258: chart2install="$(get_helmchart_reference $TEMPO_CHART_REPO $TEMPO_CHART_NAME $TEMPO_CHART_VERSION)" ^---------------^ SC2086 (info): Double quote to prevent globbing and word splitting. ^---------------^ SC2086 (info): Double quote to prevent globbing and word splitting. ^------------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: chart2install="$(get_helmchart_reference "$TEMPO_CHART_REPO" "$TEMPO_CHART_NAME" "$TEMPO_CHART_VERSION")" In monitoring/bin/deploy_monitoring_cluster.sh line 259: versionstring="$(get_helm_versionstring $TEMPO_CHART_VERSION)" ^------------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: versionstring="$(get_helm_versionstring "$TEMPO_CHART_VERSION")" In monitoring/bin/deploy_monitoring_cluster.sh line 265: -f $imageKeysFile \ ^------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: -f "$imageKeysFile" \ In monitoring/bin/deploy_monitoring_cluster.sh line 268: $versionstring \ ^------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: "$versionstring" \ In monitoring/bin/deploy_monitoring_cluster.sh line 269: $chart2install ^------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: "$chart2install" In monitoring/bin/deploy_monitoring_cluster.sh line 274: kubectl get ns $NGINX_NS 2>/dev/null ^-------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl get ns "$NGINX_NS" 2>/dev/null In monitoring/bin/deploy_monitoring_cluster.sh line 275: if [ $? == 0 ]; then ^-- SC2181 (style): Check exit code directly with e.g. 'if mycmd;', not indirectly with $?. In monitoring/bin/deploy_monitoring_cluster.sh line 282: kubectl apply -n $NGINX_NS -f monitoring/monitors/kube/podMonitor-nginx.yaml 2>/dev/null ^-------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl apply -n "$NGINX_NS" -f monitoring/monitors/kube/podMonitor-nginx.yaml 2>/dev/null In monitoring/bin/deploy_monitoring_cluster.sh line 286: kubectl apply -n $MON_NS -f monitoring/monitors/kube/podMonitor-eventrouter.yaml 2>/dev/null ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl apply -n "$MON_NS" -f monitoring/monitors/kube/podMonitor-eventrouter.yaml 2>/dev/null In monitoring/bin/deploy_monitoring_cluster.sh line 289: kubectl apply -n $MON_NS -f monitoring/monitors/logging/serviceMonitor-elasticsearch.yaml ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl apply -n "$MON_NS" -f monitoring/monitors/logging/serviceMonitor-elasticsearch.yaml In monitoring/bin/deploy_monitoring_cluster.sh line 292: kubectl apply -n $MON_NS -f monitoring/monitors/logging/serviceMonitor-fluent-bit.yaml ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl apply -n "$MON_NS" -f monitoring/monitors/logging/serviceMonitor-fluent-bit.yaml In monitoring/bin/deploy_monitoring_cluster.sh line 293: kubectl apply -n $MON_NS -f monitoring/monitors/logging/serviceMonitor-fluent-bit-v2.yaml ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl apply -n "$MON_NS" -f monitoring/monitors/logging/serviceMonitor-fluent-bit-v2.yaml In monitoring/bin/deploy_monitoring_cluster.sh line 298: kubectl apply -n $MON_NS -f $f ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. ^-- SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kubectl apply -n "$MON_NS" -f "$f" In monitoring/bin/deploy_monitoring_cluster.sh line 327: gf_url=$(get_service_url $MON_NS v4m-grafana "$TLS_ENABLE") ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: gf_url=$(get_service_url "$MON_NS" v4m-grafana "$TLS_ENABLE") In monitoring/bin/deploy_monitoring_cluster.sh line 333: if helm3ReleaseExists v4m $MON_NS; then ^-----^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: if helm3ReleaseExists v4m "$MON_NS"; then In monitoring/bin/deploy_monitoring_cluster.sh line 345: if [ ! -z "$gf_url" ]; then ^-- SC2236 (style): Use -n instead of ! -z. For more information: https://www.shellcheck.net/wiki/SC2068 -- Double quote array expansions to ... https://www.shellcheck.net/wiki/SC2128 -- Expanding an array without an ind... https://www.shellcheck.net/wiki/SC2154 -- cert_generator is referenced but ... ---------- You can address the above issues in one of three ways: 1. Manually correct the issue in the offending shell script; 2. Disable specific issues by adding the comment: # shellcheck disable=NNNN above the line that contains the issue, where NNNN is the error code; 3. Add '-e NNNN' to the SHELLCHECK_OPTS setting in your .yml action file. ```
shfmt errors ``` 'shfmt -s' returned error 1 finding the following formatting issues: ---------- --- monitoring/bin/deploy_monitoring_cluster.sh.orig +++ monitoring/bin/deploy_monitoring_cluster.sh @@ -8,19 +8,19 @@ source bin/service-url-include.sh if [ "$OPENSHIFT_CLUSTER" == "true" ]; then - if [ "${CHECK_OPENSHIFT_CLUSTER:-true}" == "true" ]; then - log_error "This script should not be run on OpenShift clusters" - log_error "Run monitoring/bin/deploy_monitoring_openshift.sh instead" - exit 1 - fi + if [ "${CHECK_OPENSHIFT_CLUSTER:-true}" == "true" ]; then + log_error "This script should not be run on OpenShift clusters" + log_error "Run monitoring/bin/deploy_monitoring_openshift.sh instead" + exit 1 + fi fi source bin/tls-include.sh if verify_cert_generator $MON_NS prometheus alertmanager grafana; then - log_debug "cert generator check OK [$cert_generator_ok]" + log_debug "cert generator check OK [$cert_generator_ok]" else - log_error "One or more required TLS certs do not exist and the expected certificate generator mechanism [$cert_generator] is not available to create the missing certs" - exit 1 + log_error "One or more required TLS certs do not exist and the expected certificate generator mechanism [$cert_generator] is not available to create the missing certs" + exit 1 fi helm2ReleaseCheck v4m-$MON_NS @@ -32,33 +32,32 @@ PROM_OPER_USER_YAML="${PROM_OPER_USER_YAML:-$USER_DIR/monitoring/user-values-prom-operator.yaml}" if [ ! -f "$PROM_OPER_USER_YAML" ]; then - log_debug "[$PROM_OPER_USER_YAML] not found. Using $TMP_DIR/empty.yaml" - PROM_OPER_USER_YAML=$TMP_DIR/empty.yaml + log_debug "[$PROM_OPER_USER_YAML] not found. Using $TMP_DIR/empty.yaml" + PROM_OPER_USER_YAML=$TMP_DIR/empty.yaml fi if [ "$HELM_DEBUG" == "true" ]; then - helmDebug="--debug" + helmDebug="--debug" fi if [ -z "$(kubectl get ns $MON_NS -o name 2>/dev/null)" ]; then - kubectl create ns $MON_NS + kubectl create ns $MON_NS - #Container Security: Disable serviceAccount Token Automounting - disable_sa_token_automount $MON_NS default + #Container Security: Disable serviceAccount Token Automounting + disable_sa_token_automount $MON_NS default fi #Generate yaml file with all container-related keys -generateImageKeysFile "$PROMOP_FULL_IMAGE" "monitoring/prom-operator_container_image.template" -generateImageKeysFile "$ALERTMANAGER_FULL_IMAGE" "$imageKeysFile" "ALERTMANAGER_" -generateImageKeysFile "$ADMWEBHOOK_FULL_IMAGE" "$imageKeysFile" "ADMWEBHOOK_" -generateImageKeysFile "$KSM_FULL_IMAGE" "$imageKeysFile" "KSM_" -generateImageKeysFile "$NODEXPORT_FULL_IMAGE" "$imageKeysFile" "NODEXPORT_" -generateImageKeysFile "$PROMETHEUS_FULL_IMAGE" "$imageKeysFile" "PROMETHEUS_" -generateImageKeysFile "$CONFIGRELOAD_FULL_IMAGE" "$imageKeysFile" "CONFIGRELOAD_" -generateImageKeysFile "$GRAFANA_FULL_IMAGE" "$imageKeysFile" "GRAFANA_" -generateImageKeysFile "$GRAFANA_SIDECAR_FULL_IMAGE" "$imageKeysFile" "SIDECAR_" +generateImageKeysFile "$PROMOP_FULL_IMAGE" "monitoring/prom-operator_container_image.template" +generateImageKeysFile "$ALERTMANAGER_FULL_IMAGE" "$imageKeysFile" "ALERTMANAGER_" +generateImageKeysFile "$ADMWEBHOOK_FULL_IMAGE" "$imageKeysFile" "ADMWEBHOOK_" +generateImageKeysFile "$KSM_FULL_IMAGE" "$imageKeysFile" "KSM_" +generateImageKeysFile "$NODEXPORT_FULL_IMAGE" "$imageKeysFile" "NODEXPORT_" +generateImageKeysFile "$PROMETHEUS_FULL_IMAGE" "$imageKeysFile" "PROMETHEUS_" +generateImageKeysFile "$CONFIGRELOAD_FULL_IMAGE" "$imageKeysFile" "CONFIGRELOAD_" +generateImageKeysFile "$GRAFANA_FULL_IMAGE" "$imageKeysFile" "GRAFANA_" +generateImageKeysFile "$GRAFANA_SIDECAR_FULL_IMAGE" "$imageKeysFile" "SIDECAR_" - set -e log_notice "Deploying monitoring to the [$MON_NS] namespace..." @@ -68,43 +67,43 @@ istioValuesFile=$TMP_DIR/empty.yaml # Istio - Federate data from Istio's Prometheus instance if [ "$ISTIO_ENABLED" == "true" ]; then - log_verbose "Including Istio metric federation" - istioValuesFile=$TMP_DIR/values-prom-operator-tmp.yaml + log_verbose "Including Istio metric federation" + istioValuesFile=$TMP_DIR/values-prom-operator-tmp.yaml else - log_debug "ISTIO_ENABLED flag not set" - log_debug "Skipping deployment of federated scrape of Istio Prometheus instance" + log_debug "ISTIO_ENABLED flag not set" + log_debug "Skipping deployment of federated scrape of Istio Prometheus instance" fi # Check if Prometheus Operator CRDs are already installed PROM_OPERATOR_CRD_UPDATE=${PROM_OPERATOR_CRD_UPDATE:-true} if [ "$PROM_OPERATOR_CRD_UPDATE" == "true" ]; then - log_verbose "Updating Prometheus Operator custom resource definitions" - crds=( alertmanagerconfigs alertmanagers prometheuses prometheusrules podmonitors servicemonitors thanosrulers probes ) - for crd in "${crds[@]}"; do - - ## Determine CRD URL - if in an airgap environment, look for them in USER_DIR. - if [ "$AIRGAP_DEPLOYMENT" == "true" ]; then - crdURL=$USER_DIR/monitoring/prometheus-operator-crd/$PROM_OPERATOR_CRD_VERSION/monitoring.coreos.com_$crd.yaml + log_verbose "Updating Prometheus Operator custom resource definitions" + crds=(alertmanagerconfigs alertmanagers prometheuses prometheusrules podmonitors servicemonitors thanosrulers probes) + for crd in "${crds[@]}"; do - ## Fail if the CRDs could not be located. - if [ ! -f "$crdURL" ]; then - log_error "Unable to locate file: [monitoring.coreos.com_$crd.yaml] in" - log_error "[$USER_DIR/monitoring/prometheus-operator-crd/$PROM_OPERATOR_CRD_VERSION] directory" - log_error "Please make sure to provide all Prometheus Operator CRDs before running the deployment" - exit 1 - fi - else - crdURL="https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/$PROM_OPERATOR_CRD_VERSION/example/prometheus-operator-crd/monitoring.coreos.com_$crd.yaml" - fi + ## Determine CRD URL - if in an airgap environment, look for them in USER_DIR. + if [ "$AIRGAP_DEPLOYMENT" == "true" ]; then + crdURL=$USER_DIR/monitoring/prometheus-operator-crd/$PROM_OPERATOR_CRD_VERSION/monitoring.coreos.com_$crd.yaml - if kubectl get crd $crd.monitoring.coreos.com 1>/dev/null 2>&1; then - kubectl replace -f $crdURL - else - kubectl create -f $crdURL - fi - done + ## Fail if the CRDs could not be located. + if [ ! -f "$crdURL" ]; then + log_error "Unable to locate file: [monitoring.coreos.com_$crd.yaml] in" + log_error "[$USER_DIR/monitoring/prometheus-operator-crd/$PROM_OPERATOR_CRD_VERSION] directory" + log_error "Please make sure to provide all Prometheus Operator CRDs before running the deployment" + exit 1 + fi + else + crdURL="https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/$PROM_OPERATOR_CRD_VERSION/example/prometheus-operator-crd/monitoring.coreos.com_$crd.yaml" + fi + + if kubectl get crd $crd.monitoring.coreos.com 1>/dev/null 2>&1; then + kubectl replace -f $crdURL + else + kubectl create -f $crdURL + fi + done else - log_debug "Prometheus Operator CRD update disabled" + log_debug "Prometheus Operator CRD update disabled" fi # Remove existing DaemonSets in case of an upgrade-in-place @@ -113,11 +112,11 @@ # Optional workload node placement support MON_NODE_PLACEMENT_ENABLE=${MON_NODE_PLACEMENT_ENABLE:-${NODE_PLACEMENT_ENABLE:-false}} if [ "$MON_NODE_PLACEMENT_ENABLE" == "true" ]; then - log_verbose "Enabling monitoring components for workload node placement" - wnpValuesFile="monitoring/node-placement/values-prom-operator-wnp.yaml" + log_verbose "Enabling monitoring components for workload node placement" + wnpValuesFile="monitoring/node-placement/values-prom-operator-wnp.yaml" else - log_debug "Workload node placement support is disabled" - wnpValuesFile="$TMP_DIR/empty.yaml" + log_debug "Workload node placement support is disabled" + wnpValuesFile="$TMP_DIR/empty.yaml" fi # Optional TLS Support @@ -125,112 +124,112 @@ serviceMonitorEndpointScheme="http" if [ "$TLS_ENABLE" == "true" ]; then - apps=( prometheus alertmanager grafana ) - create_tls_certs $MON_NS monitoring ${apps[@]} + apps=(prometheus alertmanager grafana) + create_tls_certs $MON_NS monitoring ${apps[@]} - tlsValuesFile=monitoring/tls/values-prom-operator-tls.yaml - log_debug "Including TLS response file $tlsValuesFile" + tlsValuesFile=monitoring/tls/values-prom-operator-tls.yaml + log_debug "Including TLS response file $tlsValuesFile" - log_verbose "Provisioning TLS-enabled Prometheus datasource for Grafana" - grafanaDS=grafana-datasource-prom-https.yaml - if [ "$MON_TLS_PATH_INGRESS" == "true" ]; then - grafanaDS=grafana-datasource-prom-https-path.yaml - fi - kubectl delete cm -n $MON_NS --ignore-not-found grafana-datasource-prom-https - kubectl create cm -n $MON_NS grafana-datasource-prom-https --from-file monitoring/tls/$grafanaDS - kubectl label cm -n $MON_NS grafana-datasource-prom-https grafana_datasource=1 sas.com/monitoring-base=kube-viya-monitoring + log_verbose "Provisioning TLS-enabled Prometheus datasource for Grafana" + grafanaDS=grafana-datasource-prom-https.yaml + if [ "$MON_TLS_PATH_INGRESS" == "true" ]; then + grafanaDS=grafana-datasource-prom-https-path.yaml + fi + kubectl delete cm -n $MON_NS --ignore-not-found grafana-datasource-prom-https + kubectl create cm -n $MON_NS grafana-datasource-prom-https --from-file monitoring/tls/$grafanaDS + kubectl label cm -n $MON_NS grafana-datasource-prom-https grafana_datasource=1 sas.com/monitoring-base=kube-viya-monitoring - # node-exporter TLS - log_verbose "Enabling Prometheus node-exporter for TLS" - kubectl delete cm -n $MON_NS node-exporter-tls-web-config --ignore-not-found - sleep 1 - kubectl create cm -n $MON_NS node-exporter-tls-web-config --from-file monitoring/tls/node-exporter-web.yaml - kubectl label cm -n $MON_NS node-exporter-tls-web-config sas.com/monitoring-base=kube-viya-monitoring + # node-exporter TLS + log_verbose "Enabling Prometheus node-exporter for TLS" + kubectl delete cm -n $MON_NS node-exporter-tls-web-config --ignore-not-found + sleep 1 + kubectl create cm -n $MON_NS node-exporter-tls-web-config --from-file monitoring/tls/node-exporter-web.yaml + kubectl label cm -n $MON_NS node-exporter-tls-web-config sas.com/monitoring-base=kube-viya-monitoring - serviceMonitorEndpointScheme="https" + serviceMonitorEndpointScheme="https" fi nodePortValuesFile=$TMP_DIR/empty.yaml PROM_NODEPORT_ENABLE=${PROM_NODEPORT_ENABLE:-false} if [ "$PROM_NODEPORT_ENABLE" == "true" ]; then - log_debug "Enabling NodePort access for Prometheus and Alertmanager" - nodePortValuesFile=monitoring/values-prom-nodeport.yaml + log_debug "Enabling NodePort access for Prometheus and Alertmanager" + nodePortValuesFile=monitoring/values-prom-nodeport.yaml fi if helm3ReleaseExists prometheus-operator $MON_NS; then - promRelease=prometheus-operator - promName=prometheus-operator + promRelease=prometheus-operator + promName=prometheus-operator else - promRelease=v4m-prometheus-operator - promName=v4m + promRelease=v4m-prometheus-operator + promName=v4m fi log_verbose "User response file: [$PROM_OPER_USER_YAML]" log_info "Deploying the kube-prometheus stack. This may take a few minutes ..." if helm3ReleaseExists $promRelease $MON_NS; then - log_verbose "Upgrading via Helm ($(date) - timeout 20m)" + log_verbose "Upgrading via Helm ($(date) - timeout 20m)" else - grafanaPwd="$GRAFANA_ADMIN_PASSWORD" - if [ "$grafanaPwd" == "" ]; then - log_debug "Generating random Grafana admin password" - showPass="true" - grafanaPwd="$(randomPassword)" - fi - log_verbose "Installing via Helm ($(date) - timeout 20m)" + grafanaPwd="$GRAFANA_ADMIN_PASSWORD" + if [ "$grafanaPwd" == "" ]; then + log_debug "Generating random Grafana admin password" + showPass="true" + grafanaPwd="$(randomPassword)" + fi + log_verbose "Installing via Helm ($(date) - timeout 20m)" fi # See https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack#from-21x-to-22x -if [ "$V4M_CURRENT_VERSION_MAJOR" == "1" ] && [[ "$V4M_CURRENT_VERSION_MINOR" =~ [0-5] ]]; then - kubectl delete -n $MON_NS --ignore-not-found \ - deployments.apps \ - -l app.kubernetes.io/instance=v4m-prometheus-operator,app.kubernetes.io/name=kube-state-metrics +if [ "$V4M_CURRENT_VERSION_MAJOR" == "1" ] && [[ $V4M_CURRENT_VERSION_MINOR =~ [0-5] ]]; then + kubectl delete -n $MON_NS --ignore-not-found \ + deployments.apps \ + -l app.kubernetes.io/instance=v4m-prometheus-operator,app.kubernetes.io/name=kube-state-metrics fi TRACING_ENABLE="${TRACING_ENABLE:-false}" if [ "$TRACING_ENABLE" == "false" ]; then - tempoDSFile=$TMP_DIR/empty.yaml + tempoDSFile=$TMP_DIR/empty.yaml else - TEMPO_USER_YAML="${TEMPO_USER_YAML:-$USER_DIR/monitoring/user-values-tempo.yaml}" - if [ ! -f "$TEMPO_USER_YAML" ]; then - log_debug "[$TEMPO_USER_YAML] not found. Using $TMP_DIR/empty.yaml" - TEMPO_USER_YAML=$TMP_DIR/empty.yaml - fi - tempoDSFile="monitoring/grafana-datasource-tempo.yaml" -fi + TEMPO_USER_YAML="${TEMPO_USER_YAML:-$USER_DIR/monitoring/user-values-tempo.yaml}" + if [ ! -f "$TEMPO_USER_YAML" ]; then + log_debug "[$TEMPO_USER_YAML] not found. Using $TMP_DIR/empty.yaml" + TEMPO_USER_YAML=$TMP_DIR/empty.yaml + fi + tempoDSFile="monitoring/grafana-datasource-tempo.yaml" +fi # Get Helm Chart Name log_debug "Kube-Prometheus Stack Helm Chart: repo [$KUBE_PROM_STACK_CHART_REPO] name [$KUBE_PROM_STACK_CHART_NAME] version [$KUBE_PROM_STACK_CHART_VERSION]" chart2install="$(get_helmchart_reference $KUBE_PROM_STACK_CHART_REPO $KUBE_PROM_STACK_CHART_NAME $KUBE_PROM_STACK_CHART_VERSION)" -versionstring="$(get_helm_versionstring $KUBE_PROM_STACK_CHART_VERSION)" +versionstring="$(get_helm_versionstring $KUBE_PROM_STACK_CHART_VERSION)" log_debug "Installing Helm chart from artifact [$chart2install]" helm $helmDebug upgrade --install $promRelease \ - --namespace $MON_NS \ - -f $imageKeysFile \ - -f monitoring/values-prom-operator.yaml \ - -f $istioValuesFile \ - -f $tlsValuesFile \ - -f $nodePortValuesFile \ - -f $wnpValuesFile \ - -f $PROM_OPER_USER_YAML \ - -f $tempoDSFile \ - --atomic \ - --timeout 20m \ - --set nameOverride=$promName \ - --set fullnameOverride=$promName \ - --set prometheus-node-exporter.fullnameOverride=$promName-node-exporter \ - --set kube-state-metrics.fullnameOverride=$promName-kube-state-metrics \ - --set grafana.fullnameOverride=$promName-grafana \ - --set grafana.adminPassword="$grafanaPwd" \ - --set grafana.serviceMonitor.scheme="$serviceMonitorEndpointScheme" \ - --set prometheus.prometheusSpec.alertingEndpoints[0].namespace="$MON_NS" \ - $versionstring \ - $chart2install + --namespace $MON_NS \ + -f $imageKeysFile \ + -f monitoring/values-prom-operator.yaml \ + -f $istioValuesFile \ + -f $tlsValuesFile \ + -f $nodePortValuesFile \ + -f $wnpValuesFile \ + -f $PROM_OPER_USER_YAML \ + -f $tempoDSFile \ + --atomic \ + --timeout 20m \ + --set nameOverride=$promName \ + --set fullnameOverride=$promName \ + --set prometheus-node-exporter.fullnameOverride=$promName-node-exporter \ + --set kube-state-metrics.fullnameOverride=$promName-kube-state-metrics \ + --set grafana.fullnameOverride=$promName-grafana \ + --set grafana.adminPassword="$grafanaPwd" \ + --set grafana.serviceMonitor.scheme="$serviceMonitorEndpointScheme" \ + --set prometheus.prometheusSpec.alertingEndpoints[0].namespace="$MON_NS" \ + $versionstring \ + $chart2install sleep 2 #Container Security: Disable serviceAccount Token Automounting disable_sa_token_automount $MON_NS v4m-grafana -disable_sa_token_automount $MON_NS sas-ops-acct #Used w/Prometheus +disable_sa_token_automount $MON_NS sas-ops-acct #Used w/Prometheus disable_sa_token_automount $MON_NS v4m-node-exporter disable_sa_token_automount $MON_NS v4m-alertmanager @@ -244,42 +243,42 @@ log_verbose "Deploying cluster ServiceMonitors" if [ "$TRACING_ENABLE" == "true" ]; then - log_info "Tracing enabled..." + log_info "Tracing enabled..." - #Generate yaml file with all container-related keys - generateImageKeysFile "$TEMPO_FULL_IMAGE" "monitoring/tempo_container_image.template" + #Generate yaml file with all container-related keys + generateImageKeysFile "$TEMPO_FULL_IMAGE" "monitoring/tempo_container_image.template" - # Add the grafana helm chart repo - helmRepoAdd grafana https://grafana.github.io/helm-charts - helm repo update + # Add the grafana helm chart repo + helmRepoAdd grafana https://grafana.github.io/helm-charts + helm repo update - # Get Helm Chart Name - log_debug "Tempo Helm Chart: repo [$TEMPO_CHART_REPO] name [$TEMPO_CHART_NAME] version [$TEMPO_CHART_VERSION]" - chart2install="$(get_helmchart_reference $TEMPO_CHART_REPO $TEMPO_CHART_NAME $TEMPO_CHART_VERSION)" - versionstring="$(get_helm_versionstring $TEMPO_CHART_VERSION)" - log_debug "Installing Helm chart from artifact [$chart2install]" + # Get Helm Chart Name + log_debug "Tempo Helm Chart: repo [$TEMPO_CHART_REPO] name [$TEMPO_CHART_NAME] version [$TEMPO_CHART_VERSION]" + chart2install="$(get_helmchart_reference $TEMPO_CHART_REPO $TEMPO_CHART_NAME $TEMPO_CHART_VERSION)" + versionstring="$(get_helm_versionstring $TEMPO_CHART_VERSION)" + log_debug "Installing Helm chart from artifact [$chart2install]" - log_info "Installing tempo" - helm upgrade --install v4m-tempo \ - -n "$MON_NS" \ - -f $imageKeysFile \ - -f monitoring/values-tempo.yaml \ - -f "$TEMPO_USER_YAML" \ - $versionstring \ - $chart2install + log_info "Installing tempo" + helm upgrade --install v4m-tempo \ + -n "$MON_NS" \ + -f $imageKeysFile \ + -f monitoring/values-tempo.yaml \ + -f "$TEMPO_USER_YAML" \ + $versionstring \ + $chart2install fi # NGINX set +e kubectl get ns $NGINX_NS 2>/dev/null if [ $? == 0 ]; then - nginxFound=true + nginxFound=true fi set -e if [ "$nginxFound" == "true" ]; then - log_verbose "NGINX found. Deploying podMonitor to [$NGINX_NS] namespace" - kubectl apply -n $NGINX_NS -f monitoring/monitors/kube/podMonitor-nginx.yaml 2>/dev/null + log_verbose "NGINX found. Deploying podMonitor to [$NGINX_NS] namespace" + kubectl apply -n $NGINX_NS -f monitoring/monitors/kube/podMonitor-nginx.yaml 2>/dev/null fi # Eventrouter ServiceMonitor @@ -295,25 +294,25 @@ # Rules log_verbose "Adding Prometheus recording rules" for f in monitoring/rules/viya/rules-*.yaml; do - kubectl apply -n $MON_NS -f $f + kubectl apply -n $MON_NS -f $f done # Elasticsearch Datasource for Grafana LOGGING_DATASOURCE="${LOGGING_DATASOURCE:-false}" if [ "$LOGGING_DATASOURCE" == "true" ]; then - set +e - log_debug "Creating the logging data source using the create_logging_datasource script" - monitoring/bin/create_logging_datasource.sh + set +e + log_debug "Creating the logging data source using the create_logging_datasource script" + monitoring/bin/create_logging_datasource.sh - if (( $? == 1 )); then - log_warn "Unable to configure the logging data source at this time." - log_warn "Please address the errors and re-run the follow command to create the data source at a later time:" - log_warn "monitoring/bin/create_logging_datasource.sh" - fi - set -e + if (($? == 1)); then + log_warn "Unable to configure the logging data source at this time." + log_warn "Please address the errors and re-run the follow command to create the data source at a later time:" + log_warn "monitoring/bin/create_logging_datasource.sh" + fi + set -e else - log_debug "LOGGING_DATASOURCE not set" - log_debug "Skipping creation of logging data source for Grafana" + log_debug "LOGGING_DATASOURCE not set" + log_debug "Skipping creation of logging data source for Grafana" fi echo "" @@ -324,32 +323,32 @@ get_ingress_ports # get URLs for Grafana, Prometheus and AlertManager -gf_url=$(get_service_url $MON_NS v4m-grafana "$TLS_ENABLE") +gf_url=$(get_service_url $MON_NS v4m-grafana "$TLS_ENABLE") # pr_url=$(get_url $MON_NS v4m-prometheus "$TLS_ENABLE") # am_url=$(get_url $MON_NS v4m-alertmanager "$TLS_ENABLE") set -e # If a deployment with the old name exists, remove it first if helm3ReleaseExists v4m $MON_NS; then - log_verbose "Removing outdated SAS Viya Monitoring Helm chart release from [$MON_NS] namespace" - helm uninstall -n "$MON_NS" "v4m" + log_verbose "Removing outdated SAS Viya Monitoring Helm chart release from [$MON_NS] namespace" + helm uninstall -n "$MON_NS" "v4m" fi if ! deployV4MInfo "$MON_NS" "v4m-metrics"; then - log_warn "Unable to update SAS Viya Monitoring Helm chart release" + log_warn "Unable to update SAS Viya Monitoring Helm chart release" fi # Print URL to access web apps log_notice "" log_notice "GRAFANA: " if [ ! -z "$gf_url" ]; then - log_notice " $gf_url" + log_notice " $gf_url" else - log_notice " It was not possible to determine the URL needed to access Grafana. Note " - log_notice " that this is not necessarily a sign of a problem; it may only reflect an " - log_notice " ingress or network access configuration that this script does not handle." + log_notice " It was not possible to determine the URL needed to access Grafana. Note " + log_notice " that this is not necessarily a sign of a problem; it may only reflect an " + log_notice " ingress or network access configuration that this script does not handle." fi - log_notice "" +log_notice "" #log_notice "" #log_notice "================================================================================" @@ -372,14 +371,12 @@ #log_notice "" if [ "$showPass" == "true" ]; then - # Find the grafana pod - - log_notice " Generated Grafana admin password is: $grafanaPwd" - log_notice " To change the password, run the following script (replace myNewPassword with an updated password):" - log_notice " monitoring/bin/change_grafana_admin_password.sh -p myNewPassword" + # Find the grafana pod + + log_notice " Generated Grafana admin password is: $grafanaPwd" + log_notice " To change the password, run the following script (replace myNewPassword with an updated password):" + log_notice " monitoring/bin/change_grafana_admin_password.sh -p myNewPassword" fi log_message "" log_notice " Successfully deployed components to the [$MON_NS] namespace" - - ---------- You can reformat the above files to meet shfmt's requirements by typing: shfmt -s -w filename ```
gsmith-sas commented 2 weeks ago

Abandoning this change due to unexpected problems when ingress is not defined.